DOC emphasize security sensitivity of joblib.load #879
@@ Coverage Diff @@ ## master #879 +/- ## =========================================== - Coverage 95.28% 84.12% -11.17% =========================================== Files 45 45 Lines 6425 6412 -13 =========================================== - Hits 6122 5394 -728 - Misses 303 1018 +715
ogrisel merged commit
May 29, 2019
2 of 3 checks passed
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request
Oct 31, 2019
Release 0.14.0 Improved the load balancing between workers to avoid stranglers caused by an excessively large batch size when the task duration is varying significantly (because of the combined use of joblib.Parallel and joblib.Memory with a partially warmed cache for instance). joblib/joblib#899 Add official support for Python 3.8: fixed protocol number in Hasher and updated tests. Fix a deadlock when using the dask backend (when scattering large numpy arrays). joblib/joblib#914 Warn users that they should never use joblib.load with files from untrusted sources. Fix security related API change introduced in numpy 1.6.3 that would prevent using joblib with recent numpy versions. joblib/joblib#879 Upgrade to cloudpickle 1.1.1 that add supports for the upcoming Python 3.8 release among other things. joblib/joblib#878 Fix semaphore availability checker to avoid spawning resource trackers on module import. joblib/joblib#893 Fix the oversubscription protection to only protect against nested Parallel calls. This allows joblib to be run in background threads. joblib/joblib#934 Fix ValueError (negative dimensions) when pickling large numpy arrays on Windows. joblib/joblib#920 Upgrade to loky 2.6.0 that add supports for the setting environment variables in child before loading any module. joblib/joblib#940 Fix the oversubscription protection for native libraries using threadpools (OpenBLAS, MKL, Blis and OpenMP runtimes). The maximal number of threads is can now be set in children using the inner_max_num_threads in parallel_backend. It defaults to cpu_count() // n_jobs.
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments.